Legitimate and dangerous file encryption: how do these techniques differ?

There is a major distinction we should make between the legitimate and the malicious file encryption software. The former tools are usually applied for data protection purposes and can be a great addition to the overall system’s security. Malicious file encryption, on the other hand, is favored by the cyber criminals who use it as a tool for illegal money extortion. To be more exact, malicious encryption software has been put to a widespread use by the creators of crypto-ransomware — a type of computer virus which uses complex, military-grade algorithms to lock predetermined and asks the computer owner’s to pay money in order to receive the decryption key. Over the last few years, these viruses became so popular that it started changing people’s perception of encryption itself. The term began to be more frequently used in the negative context while the benefits of legitimate encryption were often overlooked. To dispel all the misconception surrounding this topic, we will discuss benefits and drawbacks of the legitimate and malicious encryption below.

What are the benefits of the legitimate file encryption software?

Ransomware victims are well aware of the power of file encryption. But can this brutal force be used for your a good cause at the same time? It sure can. In fact, it is one of the best ways for keeping your personal files, archives and communication private. It is not uncommon for the computers to get lost; people accidentally leave them on buses or planes; ultimately, they may even get stolen. Unfortunately, even if your computer is protected with system password, it is just a small obstacle separating unauthorized third-parties from accessing the containing data. If it gets cracked, what happens to the data? There are numerous gruesome scenarios that may follow, including identity theft, data leak, and even financial loss. It all depends on the amount of sensitive information that is stored on the device. However, if the data on the device is encrypted, it will be virtually inaccessible without a private key or password.

There are several approaches that can be applied when encrypting data. You can either encrypt your entire computer or focus on specific files or folders. These approaches both have their pros and cons. The whole system encryption, for instance, is more powerful and more difficult to infringe. On the other hand, data encrypted in such a way may be more vulnerable in case of drive corruption. Besides, data encryption does not ensure full system protection. Antivirus utilities, firewalls and, finally, data backups are the essential attributes of the computer security.

Malicious file encryption: how does it work?

Though crypto-ransomware viruses come in various forms and may seem completely different, most of them work identically. They are first deployed on the computers with the help of Trojans, exploit kits or malicious spam emails. Then, these programs start automatically scanning the system in search of specific file types and encrypt them, once detected. Ransomware uses two keys for this process: private and public. The public key is used for data encryption, while the private one decrypts it. This is where the hackers begin to take control. They block the victim’s access to the private key and demand considerable amounts of money for its return. Unfortunately, there is never a guarantee that this key will be issued even after the ransom is paid. The hackers may simply vanish with your money as well as your hope of reclaiming personal files.

As you can see, ransomware business is rather easy and highly profitable that is why it attracts so many hackers who choose to invest their time in making crypto-viruses, leaving other extortion techniques behind. Over the past couple of years, ransomware has risen to the leading position among other cyber infections. At the same time, it became the main focus and headache for the virus analysts who are always looking for alternative file encryption solutions. Ransomware usually use different types of RSA and AES ciphers to encrypt targeted files, so every virus has to be examined individually. This makes the experts’ work even more demanding. Finding a crack in a well-established malware usually takes a lot of time, so the users are encouraged to remove the virus from the infected system instead of waiting for the decryptor.

Legitimate data encryption tools:

As we have already discussed the malicious file encryption techniques, we should also point out that legitimate file encryption does not necessarily outweigh the malicious one. It is just one of the security layers that might be useful in protecting your data, but if it is not combined with antivirus software, firewalls or data backup, it will most likely have little effect. Nevertheless, it might show better results in the case of some other malware attack. Below we introduce the main types of tools that can be used for the secure data encryption.

Downloaded encryptors. When discussing encryption tools people often think about applications that they download from the Internet. And, in a way, they are right. The widest selection of file encryption software can, indeed, be found online. However, if you decide to obtain such a utility, you should make sure it is reputable and will do its job properly. Keep in mind that malware developers may try to benefit from the users wanting to protect their computers by tossing them fake encryptors.

Archiving software. As we have mentioned, there are plenty of tools that are designed specifically for file encryption. But not all users may know that other programs like, for instance, archiving software can be used for the same purpose as well. Take 7-Zip for instance. It uses AES 256-bit cipher to encrypt the files and just like other encryption tool, protects them with a custom password. Besides, data encrypted in such a way are more manageable, can be transferred easier and take less storage space.

Built-in tools. With all the downloadable utilities out there, users often forget about the ones that are right at hand. We are talking about file encryption utilities that come pre-installed on your computer. All the well-known operating system developers have included encryption feature among other security features. Let’s look at the two leading ones in more detail:

BitLocker. You can find this utility on the majority of Windows operating systems. Created by Microsoft, this closed-source utility can be used to encrypt the whole system or just parts of it. The benefits of this program are obvious: you do not have to install additional software on your computer, and you can always contact reputable tech support in case you have any questions or issues.

File Vault 2 is OS X equivalent of BitLocker. It is also a build-in closed-source encryption tool that comes pre-installed with the system. For the encryption File Vault 2 uses XTS-AES 128-bit encryption and, just like the Microsoft version, allows encrypting the whole disk at once. After this process, the files can only be accessed by submitting the custom passcode.

Smartphone encryption. Smartphone OS developers do not fall behind with the encryption capabilities. Since we use these devices every day, perhaps even more than computers, we must be sure that they are secure as well. PIN codes are already the past. They are not enough to properly protect your files. For this reason, encryption functions have been integrated on Androids and iOS as well.